
Two weeks ago, Cisco announced its intent to acquire Astrix Security for roughly $400M (Calcalist). That deal didn’t create the non-human identity category; it made the category buyable, and AppSec teams started getting demos the following week.
Most of those demos sounded the same. They aren’t. I count at least five distinct vendor plays under the “NHI” banner, and the difference between them is whether you’ll cover your real attack surface or just inventory it.
The category is one word. The products are five plays.
NHI as a marketing term is now wide enough to cover four very different control problems and one detection layer.
CSA’s State of Non-Human Identity Security survey found only 15% of organizations feel highly confident in preventing NHI attacks, while 69% express concerns. The vendor pitch deck looks the way it does because of that gap.
The vendors don’t always disagree on this; they just lead with the play they sell. If you walk into a demo without knowing which play you’re shopping for, every vendor will pitch you their own.
| Play | What it governs | Vendors |
|---|---|---|
| Workload & agentic identity | Short-lived workload-to-workload identity | Aembit, Defakto |
| SaaS / OAuth NHI governance | OAuth grants, GitHub apps, agent installs | Astrix, Token Security, Andromeda |
| JIT cloud permissions | Time-bounded cloud console access | Apono, Britive |
| Secrets-as-identity backbone | Vaulted, dynamic credentials | HashiCorp Vault, CyberArk Conjur + Secrets Hub, Akeyless |
| Identity threat detection (ITDR) | Runtime identity attack detection | Permiso |
Here is the way I would tell them apart.
1. Workload and agentic identity
Give a workload (service, CI job, AI agent) its own short-lived identity instead of a static API key. Aembit pitches “IAM for agentic AI and workloads”: secretless access with real-time policy. Defakto (formerly SPIRL, rebranded October 2025) builds on SPIFFE, the standard powering Istio. Vault stores credentials; this layer makes the credential unnecessary.
2. SaaS and OAuth NHI governance
Inventory OAuth grants, GitHub apps, and SaaS-to-SaaS agent installs: the things a developer enables with a one-click consent dialog and forgets about. Astrix scores their risk and now provisions new agents with short-lived, scoped credentials via an Agent Control Plane. Token Security plays the same field with heavier lifecycle management; Andromeda Security watches how an identity actually uses access and trims from there. This is the layer Cisco just spent ~$400M on.
3. JIT cloud permissions
The modern, machine-aware version of PAM: grant cloud access on demand, scope to one action, expire on a timer. Apono automates cloud-permission grants; Britive does the same across multi-cloud with a stronger machine-identity story.
What neither governs on its own: the OAuth grant in your GitHub org, or the API key in a CI variable older than two interns ago. This is where AppSec teams most often confuse what they’re buying.
4. Secrets-as-identity backbone
Anchor NHI in the credential vault: store the secret, rotate it, hand it out under policy. HashiCorp Vault (part of IBM since 2025) is the reference: dynamic, short-lived credentials per workload. CyberArk pairs open-source Conjur with Secrets Hub for enterprise PAM integration; Akeyless leads with zero-knowledge encryption. If you run one of these, you have a partial NHI program, and a partial blind spot.
5. Identity threat detection (ITDR)
A separate problem entirely from the four control plays. ITDR assumes the credential is already out there and asks: is it doing something it shouldn’t? Permiso is the clearest example: a single pane across IdPs, IaaS, SaaS, and CI/CD, hunting for human and non-human identities behaving like the riskiest actors. You buy it for what happens after prevention fails.
Why Cisco moved here first, and why $400M makes sense
Cisco picked Astrix specifically, not Aembit, not Vault, not Permiso. Cisco’s own language gives the answer: “extending Zero Trust to the agentic workforce.” Astrix’s category sits exactly where Zero Trust meets the part of the org that human IAM tools never modeled.
The Saturday consent dialog becomes a Monday inventory item. That is the layer Cisco bought.
Cisco already owns identity for humans through Duo, and the network. The SaaS/OAuth layer is where their customers’ attack surface migrated after 2022, and where the rest of the Cisco stack cannot see.
The deal is still “intent to acquire.” Close has not happened. If your roadmap depends on Cisco-Astrix integrations, you are betting on regulatory approval and the typical 6 to 12 month integration timeline.
The mistake AppSec teams are making this quarter
The mistake is buying one play for the surface of another.
I’m seeing AppSec teams treat HashiCorp Vault as their NHI program. Vault is exceptional at what it does, but it doesn’t know that a developer connected the Salesforce-to-Slack agent on Saturday with read-everything scope. The same mistake runs the other way: Astrix will not rotate your database credentials, and Apono will not detect a malicious OAuth grant on your GitHub org.
If you can name what your one vendor doesn’t cover, you have a program. If you can’t, you have one product and an open flank.
Six things to do this week
- Inventory your own NHI surface before any demo. Five buckets: workload-to-workload, OAuth grants and SaaS-to-SaaS, JIT cloud permissions, stored secrets, runtime sessions. List which ones you cannot enumerate today.
- Match each bucket to one of the five plays above. If two buckets map to the same play, you have overlap. If a bucket maps to nothing, that is your real gap.
- Ask one question of every vendor in a demo: does this reduce the blast radius of a compromised token, or just inventory it? Inventory vendors are useful but they do not break the kill chain.
- If you run HashiCorp Vault or CyberArk today, ask the secrets-vendor rep specifically which 30% of your NHIs they don’t govern. Reps who can name the gap honestly are reps who deserve a follow-up.
- Pin agent session identities (Claude Code, Cursor, Copilot Workspace) to specific repos or branches. Tomorrow’s npm worm will harvest the broadest-scoped agent token on the developer’s machine.
- Default new OAuth grants and GitHub apps to read-only for thirty days. Promote to write after a deliberate review. The Saturday-install problem only gets worse from here.
Where this goes in six months
The five plays do not stay five. ITDR vendors will add prevention, secrets vendors will add OAuth-grant inventory, governance vendors will buy or build workload identity. Cisco-Astrix is the first consolidation move. The buying decisions you make this quarter are bets on which play covers your largest current blind spot; the boundary I named in #8 hasn’t moved, but the vendor map is finally starting to.
Which vendor did I put in the wrong bucket? Reply and tell me; I’ll feature the sharpest corrections in next week’s issue.